You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
windows engineering workstations
About this tag
Windows engineering workstations are a critical part of industrial control system environments, as highlighted by recent ABB advisories. Vulnerabilities such as CVE-2025-9970 in ABB LVS MConfig and outdated SQLite components in B&R Automation Studio show that these workstations can inherit security debt from third-party libraries and credential-handling flaws. The tag covers discussions about patching, credential leaks, and the broader security posture of Windows-based engineering tools used in automation and low-voltage switchgear configuration. Recurring themes include the need for timely updates, the risk of local access vulnerabilities, and the importance of treating engineering workstations as part of the attack surface rather than harmless programming terminals.
ABB’s LVS MConfig versions 1.4.9.21 and earlier contain a high-severity credential-handling vulnerability, CVE-2025-9970, republished by CISA on May 26, 2026, after ABB’s October 8, 2025 advisory for its low-voltage switchgear configuration software. The flaw is not a flashy remote takeover bug...
ABB’s B&R Automation Studio versions earlier than 6.5 and version 6.5 are affected by a critical set of third-party component vulnerabilities, republished by CISA on May 21, 2026, after ABB first issued advisory SA25P007 on February 18, 2026. The awkward part is not that a vendor patched an...